@@ -17,21 +17,35 @@ jobs:
1717 pull-requests : write
1818 id-token : write
1919 steps :
20- - name : Debug Secrets
20+ - name : Debug Secret Storage
2121 run : |
22- echo "Testing GitHub App configuration..."
23- echo "APP_ID length: ${#APP_ID}"
24- echo "PRIVATE_KEY length: ${#PRIVATE_KEY}"
25- echo "PRIVATE_KEY first 50 chars: ${PRIVATE_KEY:0:50}"
26- echo "PRIVATE_KEY last 50 chars: ${PRIVATE_KEY: -50}"
22+ echo "Checking secret storage..."
2723
28- # Check if it's a valid PEM format
29- if [[ "$PRIVATE_KEY" == *"BEGIN RSA PRIVATE KEY"* ]]; then
30- echo "✓ Contains BEGIN RSA PRIVATE KEY"
31- elif [[ "$PRIVATE_KEY" == *"BEGIN PRIVATE KEY"* ]]; then
32- echo "✓ Contains BEGIN PRIVATE KEY (PKCS#8 format)"
24+ # Check if secrets are accessible
25+ if [ -z "$APP_ID" ]; then
26+ echo "ERROR: APP_ID is empty"
3327 else
34- echo "✗ Missing proper PEM header"
28+ echo "✓ APP_ID exists (length: ${#APP_ID})"
29+ fi
30+
31+ if [ -z "$PRIVATE_KEY" ]; then
32+ echo "ERROR: APP_PRIVATE_KEY is empty"
33+ else
34+ echo "✓ APP_PRIVATE_KEY exists (length: ${#PRIVATE_KEY})"
35+
36+ # Check line count
37+ LINE_COUNT=$(echo "$PRIVATE_KEY" | wc -l)
38+ echo " Private key line count: $LINE_COUNT"
39+
40+ # Check if it's one line (might be base64 encoded or escaped)
41+ if [ "$LINE_COUNT" -eq 1 ]; then
42+ echo " WARNING: Private key is on a single line"
43+
44+ # Check if it contains literal \n
45+ if [[ "$PRIVATE_KEY" == *"\\n"* ]]; then
46+ echo " Contains literal \\n - needs unescaping"
47+ fi
48+ fi
3549 fi
3650env :
3751 APP_ID : ${{ secrets.APP_ID }}
0 commit comments